<!DOCTYPE html>
<meta charset="utf-8">
<title>X-Frame-Options invalid values</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="./support/helper.sub.js"></script>

<body>
<script>
"use strict";

xfo_simple_tests({
  headerValue: `INVALID`,
  sameOriginAllowed: true,
  crossOriginAllowed: true
});

xfo_simple_tests({
  headerValue: `ALLOW-FROM https://example.com/`,
  sameOriginAllowed: true,
  crossOriginAllowed: true
});

xfo_simple_tests({
  headerValue: `ALLOW-FROM=https://example.com/`,
  sameOriginAllowed: true,
  crossOriginAllowed: true
});

xfo_simple_tests({
  headerValue: `ALLOWALL`,
  sameOriginAllowed: true,
  crossOriginAllowed: true
});

xfo_simple_tests({
  headerValue: `"DENY"`,
  sameOriginAllowed: true,
  crossOriginAllowed: true
});

xfo_simple_tests({
  headerValue: `"SAMEORIGIN"`,
  sameOriginAllowed: true,
  crossOriginAllowed: true
});

xfo_simple_tests({
  headerValue: `"SAMEORIGIN,DENY"`,
  sameOriginAllowed: true,
  crossOriginAllowed: true
});

xfo_simple_tests({
  headerValue: ``,
  sameOriginAllowed: true,
  crossOriginAllowed: true
});
</script>
